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Method for setting up secure connections 
Menetelma turvattujen yhteyksien luomiseen 
Forfarande for uppsattning av forsakrade forbindelser 

5 

BACKGROUND OF THE INVENTION 
Field of the invention 

10 The present invention is related to connections in IP (Internet Protocol) based 
networks, especially connections according to the IPSec protocol. Specifically, the 
invention is directed to a method according to the first independent method claim. 

Description of related art \ 

15 

The basic protocols used in the Internet, namely the IP protocol [IP] and TCP 
protocol [TCP] were created in an environment, where security was not a concern. 
Consequently, the security of a basic TCP/IP network is very poor if not 
practically nonexistent, if no further measures are taken. Many different 

20 approaches to improve the security of TCP/IP networks have been taken. One of 
the most popular techniques is the IPSec protocol [IPSec], which at the time of 
writing this application has established itself as an industry standard. The IPSec 
protocol provides a framework for establishing, using, and terminating secure 
connections over untrusted networks. The IPSec protocol does not strictly define 

25 which encryption methods are used. The encryption method is negotiated by the 
communicating parties during setup of a connection, which allows the change and 
improvement of encryption methods without breaking the IPSec protocol itself. 
IPSec is by construction a unidirectional protocol. For two-way communication, 
two communication channels must be set up, one for each direction. The IPSec 
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protocol is described in further detail in the reference [IPSec] and in the 
documents referred to therein. 

Some of the acronyms used in this application are the following: 

5 



AH 


authenticated header 


CA 


certificate authority 


ESP 


encapsulated security payload 


IKE 


Internet Key Exchange 


IP 


Internet Protocol 


IPSec 


Internet Protocol Security 


ISAKMP 


Internet Security Association and Key Management Protocol 


PKI 


public key infrastructure 


RA 


regional authority 


SA 


security association 


TCP 


Transmission Control Protocol 



The IKE protocol [IKE] is a mechanism allowing automatic key management, i.e. 
a mechanism for negotiating and obtaining authenticated keying material for 
: 20 security associations in a protected manner for use with ISAKMP, and for other 
SAs such as AH and ESP security associations for the IPSec protocol. 

A security association (SA) is a security protocol specific set of parameters that 
defines the services and mechanisms necessary to protect traffic at that particular 
25 security protocol location. These parameters can include algorithm identifiers, 
modes, cryptographic keys, and other parameters necessary for the specific 
protocol. 
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The Internet Security Association and Key Management Protocol (ISAKMP) 
[ISAKMP] defines the procedures for authenticating a communicating node, 
creation and management of security associations, and key generation techniques. 

5 These protocols allow the building of secured network systems, and provide 
solutions for many practical problems associated with management of keys and 
other critical information. Key management, and the management of certificates 
which are typically used for authentication purposes, becomes a major problem 
when the number of communicating nodes within a secured network rises above a 

10 handful of nodes. A widely accepted structure for solving this problem is the PKI 
(public key infrastructure) system, which relies on a hierarchy of certificate 
authorities (CA) for providing a chain of certificates traceable to a common 
authority trusted by both communicating parties. CAs issue certificates for parties 
needing a proof of identity, and during the issue process check the true identity of 

15 the party requesting a certificate. This principle makes the management of 
extremely large numbers of certificates feasible. However, a CA based structure is 
complicated and too heavy a solution for many purposes, especially when the 
number of communicating parties is not very high, or for example when the group 
of communicating parties do not have any central organization or resources of a 
: 20 commercial organization. The complicated nature of a CA based structure is 
evident from the observation, that at the time of writing this application the 
associated standards have been in usable state for several years, many large 
corporations are manufacturing and selling the necessary technology, and many 
government organizations in many countries have programs for establishing a PKI 

25 structure for use by the citizens; despite all this the number of full-blown, working 
PKI structures is very low, and they are far from mainstream technology in 
common use. For many purposes, a lighter system for providing authentication for 
users of IPSec based secure communications systems is needed. For example, 
many voluntary organizations such as various user and hobby groups, student 
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organizations, and other interest groups often have a need for secure 
communications, without sufficient resources for a full PKI system. 

SUMMARY OF THE INVENTION 

5 

According to the invention, the problem of checking the identity of others is 
alleviated by creating a mechanism, which allows users to trust and utilize the 
checking work performed by certain other users, so that every user need not check 
and confirm the identity of every other user. This can be accomplished by 
10 allowing a user who has checked that the identity of a number of other users truly 
correspond to their certificates, produce a list of these checked certificates, so that 
other users can import the list of checked certificates into their systems. The acts 
of producing such a collection of certificates and placing it available to at least one 
other user is called sharing in this application. ; 

15 

When importing such a shared list or collection of certificates, a user can accept all 
of the certificates in the list in one operation, without explicit checing of each and 
every certificate separately. When enough users have imported and accepted 
checked certificate collections of other users, a network of bidirectional trust is 
20 born. An important benefit of the invention is, that no central authority is needed 
for creating the individual certificates. Each person can create his/hers own 
certificate (such as a so called self-signed certificate), and since one trusted person 
has checked that the certificate corresponds to the individual which the certificate 
purports to represent, others can trust the certificate. 

25 

In an advantageous embodiment of the invention, the inventive functionality is 
implemented in an IPSec client program in the local computer of a user. When 
setting up a connection to a remote computer of another user, the IPSec client 
program fetches automatically the certificate of the remote computer and allows 
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the user to decide, whether to trust the certificate or not. Naturally, if the remote 
end was already known and its certificate previously obtained and accepted, there 
is no need to ask the user again. The IPSec client program then sets up an IPSec 
connection from the local computer to the remote computer for achieving secrecy 
5 of communications from the local computer to the remote computer. The remote 
computer may perform in the way set as default in that computer; if secured 
connections are desired, the remote computer can perform the same steps as the 
local computer, obtaining the certificate and setting up a secured connection. An 
advantage here is, that the process of setting up of a secured connection from the 
10 local to the remote computer can be performed automatically without disturbing 
the remote user at all. The remote user does not even need to know the identity of 
the local user, nor does he need to know that the communication from the local 
computer to the remote computer proceeds via IPSec. This method of establishing 

i 

unidirectional secured connections is therefore very easy and convenient. After a 
15 time, when the user has set up connections to computers of several users, the user 
has accumulated a collection of accepted certificates. By sharing these certificates 
with other users, the other users can take these certificates into use for obtaining 
the benefit of automatic setting up of secured communications to those users, 
whose certificates were shared. 

20 

For example, let us consider four users, named A, B, C, and D. Let us assume that 
A knows personally persons B, C, and D. Consequently, A is able to check that the 
identity represented by certificates sent to A by the others really correspond to the 
real identity of persons B, C, and D. Person A can perform the checking for 
25 example by calling the others by telephone thereby personally recognizing the 
others and asking them to recite an identification string of each person's certificate, 
and by comparing the recited identification string to the string obtainable from the 
received certificates. Next, person A prepares a list of the checked certificates and 
either sends the list to the others or places it in a place accessible by the others. 
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Persons B, C, and D can then import the list into their systems. Preferably, persons 
B, C, and D should check that the list is indeed prepared by A and not by a 
malicious outsider. The checking can be performed in various ways. For example, 
A can add a digital signature to the list, whereby the others can check his signature 
5 using a previously obtained copy of the certificate of person A. In such a scheme, 
persons B, C, and D should check that the certificate of person A corresponds to 
the real person A. This checking can for example be performed during the same 
phone call, when person A checks the other person. After importing the list 
prepared by A, persons B, C, and D can initiate mutual communications without 

10 need to check the identity of the others, due to the trust placed on the checking 
performed by A. In this example, persons B, C, and D only need to check the 
identity of A to be able to use the certificates of three others. This example of only 
four persons is very small example, whereby the saving of trouble is not very high 
in practice, but as the size of the group grows, the benefits of the inventive 

1 5 arrangement become larger. 

Further, if all persons involved do not know each other, the checking of the 
identity of the unfamiliar persons is a problem in itself. Let us assume B does not 
know persons C and D, but only knows person A. Checking of the identity of 
20 persons C and D would present a very large problem for B, especially if persons C 
. . and D are too far away for a personal meeting and checking of passports or other 
personal identification. However, as A knows personally both C and D and B 
knows A, B can trust A's judgment and accept the identities of C and D. This is a 
considerable advantage. 

25 

Naturally, the security of such an arrangement requires that those users importing 
a list of checked certificates really trust the user who has performed without error 
and without any wrongful intention the checking of the certificates in said list. 
However, one of the cornerstones of the invention is the realization, that this kind 
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of security is useful and sufficient in many circumstances, where the cost and 
trouble of creation, maintaining and use of a full IKE system would be out of 
proportion regarding the available resources and needed security level. 

5 The invention allows the setup of a network of IPSec connections easily and 
simply, without any need for a centralized certificate management system such as 
an IKE based system. Users can accept certificate collections of other users, 
thereby creating a network of bidirectional trust from collections representing 
unidirectional trust. This network of trust can be created without requiring each 

10 and every user taking part in the network to check the identities of all other users. 
Such an inventive scheme is very advantageous for groups which do not have 
strong centralized structure, such as user groups, various interest groups, and many 
other types of groups of people. The inventive scheme is very advantageous also 
for smaller organizations, for which a full IKE and certificate authority based 

15 centrally controlled certificated management structure would be a too heavy 
solution. For example, in a small company of for example around 30 persons, at 
least one or two persons are likely to know all others. These persons can then 
receive the certificates of all others, and easily check that each certificate 
corresponds to the person the certificate purports to represent. All others can then 

20 import the checked certificate list of these persons performing the checking, 
whereafter every employee of this exemplary company can communicate with 
everyone else in the company and always be sure, that the other employee really is 
the person which his/hers certificate says him/her to be. 

25 At the time of writing this application the IPSec protocol is the most widespread 
protocol of its kind, which is why this application frequently refers to IPSec as an 
example. However, the invention is not limited for use only with IPSec, since the 
inventive idea can also be used with any other secure communication protocol 
which establishes unidirectional connections. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

Various embodiments of the invention will be described in detail below, by way of 
5 example only, with reference to the accompanying figure 1 which illustrates a 
method according to an aspect of the invention. 

DETAILED DESCRIPTION OF A PREFERRED EMBODIMENT 

10 In an advantageous embodiment of the invention, the obtaining of the certificate of 
the other communicating party is performed automatically by using a partial a 
partial IKE [IKE] negotiation. This is a very advantageous way, since IKE support 
is practically necessary for any full-blown IPSec client, whereby in most cases no 
new functionality is needed at the remote end for the automated obtaining of the 

15 certificate to work. 

Generally, some of the aims of a normal IKE negotiation is to discover the 
certificates of both parties intending to communicate and communication 
parameters such as IKE SA (security association) and IPSec SA parameters. 

20 

In the present embodiment, when a new connection is to be set up, the certificate 
of the other party is obtained by executing a part of an IKE negotiation. The 
inventive system triggers an IKE negotiation with the other party and continues 
the negotiation, until the certificate of the other party is received. The system can 
25 then show an identification string of the certificate to the user and ask the user, 
whether the certificate should be trusted. If the user responds by accepting the 
certificate, at least the certificate is stored in a memory means. 
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The certificate of the other party can be obtained during the IKE negotiation using 
ISAKMP [ISAKMP] phase- 1 (main mode) messages. This messaging can be used 
for only obtaining the certificate of the other party by sending a CR (Certificate 
Request) payload in an ISAKMP message. The CR payload can advantageously be 
5 empty. In the response message which the remote party is required to send as a 
response to receiving a CR payload, the remote party (responder in ISAKMP 
terminology) sends its certificate (or certificate chain) back in a CERT payload. 

Advantageously, also information about possible IKE SA and IPSec SA 
10 parameters obtained from the partial IKE negotiation can be used in the setting up 
of the IPSec connection. This has the advantage, that when IPSec SA parameters 
suitable for the other party have been obtained during the partial IKE negotiation, 
it is possible to avoid unnecessary proposal conflicts during IPSec negotiation, 
therefore avoiding unnecessary signalling which might occur without\such 
15 information obtained before commencement of IPSec negotiation. 

The method of indicating which of the stored certificates are trusted and which are 
not can be implemented in many ways. For example, if only trusted certificates are 
stored, then the fact that a given certificate was stored at some point in time is an 

20 indication, that the user has checked or at least trusts the certificate. As another 
example, the inventive software can store an indication along with a particular 
certificate indicating that the certificate is trusted. In such a case, the collection of 
stored certificates can comprise both trusted and untrusted certificates. As a third 
example, the inventive software can digitally sign a trusted certificate using a 

25 signing key of the user, and store the digitally signed certificate. Later, the 
signature indicates that the user whose signing key was used for the signature 
trusts the particular certificate. 
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The format of a shared collection of trusted certificates can also be different in 
different embodiments of the invention. Advantageously, the collection is 
protected against tampering by outsiders. For example, the collection can 
advantageously be digitally signed by the user who has shared the collection to 
5 other users. Further, each of the certificates can advantageously each be digitally 
signed by the user sharing the collection, which would allow the extraction of 
single certificates from the collection while maintaining the integrity of the 
signature of the particular certificate. The shared collection can also be encrypted 
so that only certain desired users can import the shared collection and others do 

10 not gain the information of whom the user sharing the collection communicates 
with. The encryption can be performed for example using public key 
cryptography, in which case the collection can be encrypted using the public keys 
of each user, who is allowed to import the collection. As a man skilled in the art 
realizes, the collection can be shared in many different technical formats, such as a 

15 single ASCII file, in some database format, or in many other different formats. 

The collection of certificates shared for use by other users can also comprise other 
information in addition to the certificates. For example, the collection can 
comprise terms and rules regarding the use, for which the certificates were 
20 accepted. For example, a certificate can be accepted for certain type or types of 
activity or communication only, and for example for a certain time period only. As 
a man skilled in the art knows, such rules can be devised based on many different 
parameters, whereby the invention is not limited only to these examples described 
here. 

25 

DESCRIPTION OF CERTAIN FURTHER ASPECTS OF THE INVENTION 

According to a first further aspect of the invention, a method for providing 
authentication for setting up secure connections between a plurality of network 
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nodes is provided. A flow chart according to this aspect of the invention is shown 
in figure 1. According to this first aspect of the invention, the method comprises at 
least the steps of 

- placing 110 a collection of accepted certificates comprising at least one accepted 
5 certificate available for other nodes by said first node, 

- importing 120 said collection by at least one other node than said first node, 

- setting up 130 of at least one secure connection by at least one of said at least one 
other node to a destination node whose certificate was imported as a part of said 
collection, and automatically accepting the authenticity of said destination node. 

10 

According to an advantageous embodiment of said first aspect of the invention, the 
method further comprises at least the steps of 

- automatically obtaining a certificate of a second node by a first node, , 

- displaying an identification string of said certificate to the user of said first node, 
15 - receiving an indication of acceptance or rejection of trust regarding said 

certificate from said user, and in the case of receiving an indication of acceptance, 
storing at least an indication of the acceptance and said certificate, and 

- setting up a secure connection from said first node to said second node. 

20 According to a further advantageous embodiment of said first aspect of the 
invention, the method further comprises at least the step of digitally signing said 
, collection by said first node. 



25 



According to a further advantageous embodiment of said first aspect of the 
invention, the method further comprises at least the steps of encryption of said 
collection by said first node. 
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The invention is not limited to any particular encryption method and algorithm. A 
man skilled in the art realizes that many different encryption methods could be 
used. 

5 According to a further advantageous embodiment of said first aspect of the 
invention, the method further comprises at least the step of saving certificate use 
policy information in said collection by said first node. 

As discussed previously, this policy information can comprise various rules and 
10 conditions describing the uses for which the certificate has been accepted for by 
the accepting user, such as validity for certain operations only, validity periods, 
and other conditions. 

According to a further advantageous embodiment of said first further aspect of the 
15 invention, the method further comprises at least the step of digitally signing each 
certificate in said collection by said first node. 

The signing of single certificates can for example be performed when the 
particular certificate is obtained from the corresponding node and accepted by the 
20 user, so that the certificate is originally stored as undersigned. In such an 
embodiment of the invention, the existence of a signed certificate indicates that the 
certificate was accepted by the user. 

According to a second further aspect of the invention, the inventive idea is realized 
25 as a method in a single network node. This second further aspect of the invention 
provides a method in a network node for setting up secure connections between 
the node and other network nodes. The method according to this aspect comprises 
at least the steps of 

- automatically obtaining a certificate of a second node by the network node, 
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- displaying an identification string of said certificate to the user of the network 
node, 

- receiving an indication of acceptance or rejection of trust regarding said 
certificate from said user, and in the case of receiving an indication of acceptance, 

5 storing at least an indication of the acceptance and said certificate, 

- setting up a secure connection from the network node to said second node, and 

- placing a collection of accepted certificates comprising at least one accepted 
certificate available for other nodes by the network node. 

10 According to a third further aspect of the invention, the inventive idea is realized 
as a method in a single network node. This third further aspect of the invention 
provides a method in a network node for setting up secure connections between 
the node and other network nodes. The method according to this aspect comprises 
at least the steps of \ 

15 - importing a collection of accepted certificates from at least one other node, 

- setting up of at least one secure connection to a destination node whose 
certificate was imported as a part of said collection, and automatically accepting 
the authenticity of said destination node. 

20 According to a fourth further aspect of the invention, the inventive idea is realized 
as a system. This fourth further aspect of the invention provides a system in a 
network node for setting up secure connections between network nodes. The 
system according to this aspect comprises at least 

- means for placing a collection of accepted certificates comprising at least one 
25 accepted certificate available for other nodes, 

- means for importing a collection of accepted certificates from another node, 

- means for setting up of at least one secure connection to a destination node, and 
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- means for automatically accepting the authenticity of a destination node, if the 
certificate of said destination node was previously imported by said means for 
importing. 

5 According to a fifth further aspect of the invention, the inventive idea is realized as 
a computer program product. This fifth further aspect of the invention provides a 
computer program product for setting up secure connections between network 
nodes. The computer program product according to this aspect comprises at least 

- computer program code means for placing a collection of accepted certificates 
10 comprising at least one accepted certificate available for other nodes, 

- computer program code means for importing a collection of accepted certificates 
from another node, 

- computer program code means for setting up of at least one secure connection to 

c 

a destination node, and \ 
15 - computer program code means for automatically accepting the authenticity of a 
destination node, if the certificate of said destination node was previously 
imported by said means for importing. 

According to a further advantageous embodiment of said fifth further aspect of the 
20 invention, the computer program product further comprises firewall functionality. 

According to a further advantageous embodiment of said fifth further aspect of the 
invention, the computer program product is an IPSec client program. 

25 According to a sixth further aspect of the invention, the inventive idea is realized 
as a computer in a network having network nodes. The computer according to this 
aspect comprises at least 

- computer program code means for placing a collection of accepted certificates 
comprising at least one accepted certificate available for other nodes, 
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- computer program code means for importing a collection of accepted certificates 
from another node, 

- computer program code means for setting up of at least one secure connection to 
a destination node, and 

5 - computer program code means for automatically accepting the authenticity of a 
destination node, if the certificate of said destination node was previously 
imported by said means for importing. 

FURTHER CONSIDERATIONS 

10 

The invention has been described using some particular advantageous 
embodiments as examples. However, various implementations of the invention are 
not limited to the described examples, and the invention can be realized in many 
different ways within the scope of the attached patent claims. For example, in 
15 addition to IPv4 networks, the invention can be used in IPv6 networks as well. 
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Claims 



1. A method for providing authentication for setting up secure connections 
between a plurality of network nodes, characterized in that the method comprises 
at least the steps of 

placing a collection of accepted certificates comprising at least one accepted 
certificate available for other nodes by said first node, 

importing said collection by at least one other node than said first node, 

setting up of at least one secure connection by at least one of said at least one other 
node to a destination node whose certificate was imported as a part of said 
collection, and automatically accepting the authenticity of said destination node. 

2. A method according to claim 1, characterized in that the method further 
comprises at least the steps of 

automatically obtaining a certificate of a second node by a first node, 

displaying an identification string of said certificate to the user of said first node, 

receiving an indication of acceptance or rejection of trust regarding said certificate 
from said user, and in the case of receiving an indication of acceptance, storing at 
least an indication of the acceptance and said certificate, and 

setting up a secure connection from said first node to said second node. 
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3. A method according to claim 1, characterized in that the method further 
comprises at least the step of digitally signing said collection by said first node. 

4. A method according to claim 1, characterized in that the method further 
5 comprises at least the steps of encryption of said collection by said first node. 

5. A method according to claim 1, characterized in that the method further 
comprises at least the step of saving certificate use policy information in said 
collection by said first node. 

10 

6. A method according to claim 1, characterized in that the method further 
comprises at least the step of digitally signing each certificate in said collection by 
said first node. 

\ 

15 7. A method in a network node for setting up secure connections between the node 
and other network nodes, characterized in that the method comprises at least the 
steps of 

automatically obtaining a certificate of a second node by the network node, 

20 

displaying an identification string of said certificate to the user of the network 
: node, 

receiving an indication of acceptance or rejection of trust regarding said certificate 
25 from said user, and in the case of receiving an indication of acceptance, storing at 
least an indication of the acceptance and said certificate, 



setting up a secure connection from the network node to said second node, and 
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placing a collection of accepted certificates comprising at least one accepted 
certificate available for other nodes by the network node. 

8. A method in a network node for setting up secure connections between the node 
5 and other network nodes, characterized in that the method comprises at least the 

steps of 

importing a collection of accepted certificates from at least one other node, 

10 setting up of at least one secure connection to a destination node whose certificate 
was imported as a part of said collection, and automatically accepting the 
authenticity of said destination node. 

9. A system in a network node for setting up secure connections between network 

v 

15 nodes, characterized in that the system comprises at least 

means for placing a collection of accepted certificates comprising at least one 
accepted certificate available for other nodes, 

20 means for importing a collection of accepted certificates from another node, 

means for setting up of at least one secure connection to a destination node, and 

means for automatically accepting the authenticity of a destination node, if the 
25 certificate of said destination node was previously imported by said means for 
importing. 
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10. A computer program product for setting up secure connections between 
network nodes, characterized in that the computer program product comprises at 
least 

5 computer program code means for placing a collection of accepted certificates 
comprising at least one accepted certificate available for other nodes, 

computer program code means for importing a collection of accepted certificates 
from another node, 

10 

computer program code means for setting up of at least one secure connection to a 
destination node, and 

computer program code means for automatically accepting the authenticity of a 
15 destination node, if the certificate of said destination node was previously 
imported by said means for importing. 

1 1. A computer program product according to claim 10, characterized in that 
the computer program product comprises firewall functionality. 

20 

12. A computer program product according to claim 10, characterized in that 
the computer program product is an IPSec client program. 

13. A computer in a network having network nodes, characterized in that the 
25 computer comprises at least 



computer program code means for placing a collection of accepted certificates 
comprising at least one accepted certificate available for other nodes, 
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computer program code means for importing a collection of accepted certificates 
from another node, 

computer program code means for setting up of at least one secure connection to a 
destination node, and 

computer program code means for automatically accepting the authenticity of a 
destination node, if the certificate of said destination node was previously 
imported by said means for importing. 



Abstract 
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According to the invention, the problem of checking 
the identity of others is alleviated by creating a 
mechanism, which allows users to trust and utilize 
the checking work performed by certain other users, 
so that every user need not check and confirm the 
identity of every other user. This can be 
accomplished by allowing a user who has checked 
that the identity of a number of other users truly 
correspond to their certificates, produce a list of these 
checked certificates, so that other users can import 
the list of checked certificates into their systems. 
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Fig. 1 



